Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jetbrains teamcity vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-7909
In JetBrains TeamCity prior to 2019.1.5, some server-stored passwords could be shown via the web UI.
Jetbrains Teamcity
7.5
CVSSv3
CVE-2019-15042
An issue exists in JetBrains TeamCity 2018.2.4. It had no SSL certificate validation for some external https connections. This was fixed in TeamCity 2019.1.
Jetbrains Teamcity 2018.2.4
7.5
CVSSv3
CVE-2019-15038
An issue exists in JetBrains TeamCity 2018.2.4. The TeamCity server was not using some security-related HTTP headers. The issue was fixed in TeamCity 2019.1.
Jetbrains Teamcity 2018.2.4
7.5
CVSSv3
CVE-2019-12841
Incorrect handling of user input in ZIP extraction was detected in JetBrains TeamCity. The issue was fixed in TeamCity 2018.2.2.
Jetbrains Teamcity
7.2
CVSSv3
CVE-2019-15036
An issue exists in JetBrains TeamCity 2018.2.4. A TeamCity Project administrator could execute any command on the server machine. The issue was fixed in TeamCity 2018.2.5 and 2019.1.
Jetbrains Teamcity 2018.2.4
6.5
CVSSv3
CVE-2023-38062
In JetBrains TeamCity prior to 2023.05.1 parameters of the "password" type could be shown in the UI in certain composite build configurations
Jetbrains Teamcity
6.5
CVSSv3
CVE-2023-38067
In JetBrains TeamCity prior to 2023.05.1 build parameters of the "password" type could be written to the agent log
Jetbrains Teamcity
6.5
CVSSv3
CVE-2023-38064
In JetBrains TeamCity prior to 2023.05.1 build chain parameters of the "password" type could be written to the agent log
Jetbrains Teamcity
6.5
CVSSv3
CVE-2015-1313
JetBrains TeamCity 8 and 9 prior to 9.0.2 allows bypass of account-creation restrictions via a crafted request because the required request data can be deduced by reading HTML and JavaScript files that are returned to the web browser after an initial unauthenticated request.
Jetbrains Teamcity
6.5
CVSSv3
CVE-2023-34228
In JetBrains TeamCity prior to 2023.05 authentication checks were missing – 2FA was not checked for some sensitive account actions
Jetbrains Teamcity
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »